Google released the security (monthly) update for Android Nexus devices on April 4. It also announced the list of security issues that was fixed, wherein eight critical bugs have been patched in this release.
Two weeks ago, Google talked to its partners about all the issues in this new bulletin, according to Source Android. For them and all those interested in the source code patches, Google made it available via the Android Open Source Project (AOSP). Among the eight critical bugs was one that affected the infamous libstagefright library, which had earlier faced major share of well-publicized vulnerabilities, Naked Security Sophos reported.
The most critical issues of this month, as noted by Google, would have probably allowed remote code execution on any affected device. It could do this through various methods like MMS when processing media files, web browsing and email. The media server service has access to privileges and audio and video streams that could not be accessed by other apps normally.
Between late 2015 and February 2016, most of the issues fixed in this security update were first reported. The overall fixes in this month's update are just below 30 known vulnerabilities. It includes eight critical bugs, 13 major vulnerabilities and eight other security issues. Factory images were also released by Google for users who wanted to have manual updates for their devices.
The enhancements in newer versions of Android platform make it difficult for exploitation of issues on Android. All Android users are hence recommended to update their Smartphones ASAP. Very soon, Nexus users are going to find an update for their phones.
The update will be first made available to all Nexus smartphones and tablets. Later, other devices will see this update. Few other manufacturers are also following Google in releasing monthly security updates. So other vulnerabilities are also expected to be fixed by them soon.